Deno Guide: A Secure JavaScript & TypeScript Runtime

Introducing Deno, a Node-like JS and TypeScript Runtime

May 2020 saw the release of Deno 1.0, and it’s been a pretty popular topic of conversation. If you’re wondering what the fuss is all about, you’ve come to the right place!

In this article, I hope to give you an overview of what Deno is. We’ll take a look at its key features, and ask why you might want to start learning this new tool.

What is Deno?

So what is it Deno, and why was it created? Deno is a JavaScript and TypeScript runtime, meaning you can write programs in either language and execute them from the command line. Unlike JavaScript run within a browser, Deno programs can access resources on the host computer, such as the filesystem and environment variables.

If you’re aware of Node.js, and you’re thinking that Deno sounds pretty similar, you’d be right. Deno is the brainchild of Node’s creator, Ryan Dahl, who created Deno to address what he sees as the design flaws in Node. The aims of the project are to provide a scripting environment that is secure by default, that treats TypeScript as a first-class language, and that is as browser-compatible as possible (where practical).

Security Features

Deno is designed to be secure out of the box. All code is executed in a secure sandbox by default, which means you need to give explicit permission to allow a program to access the network or the filesystem.

Programs can be granted permissions with the following command-line flags:

  • -A, –allow-all: allow all permissions (disables all security).
  • –allow-env: allow getting and setting of environment variables.
  • –allow-hrtime: allow high resolution time measurement (can be used in timing attacks and fingerprinting).
  • –allow-net=: allow network access. Optionally takes a comma-separated whitelist of domains.
  • –allow-plugin: allow loading plugins (unstable feature).
  • –allow-read=: allow file system read access. Optionally takes a comma-separated whitelist of directories or files.
  • –allow-run: allow running subprocesses.
  • –allow-write=: allow file system write access. Optionally takes a comma-separated whitelist of directories or files.

First-class TypeScript Support

As I mentioned earlier, Deno can execute both JavaScript and TypeScript. What’s more, Deno supports TypeScript as a first-class language. This means it can load and run your TypeScript code without any additional build step. There’s no need to set up additional tooling to transpile your code into JavaScript first.

Of course, since TypeScript is a superset of modern JavaScript, you can also write your code in good old JS if you want to! Deno supports some great, developer-friendly features such as ES Module imports

Using External Code

As Ryan mentioned in his talk, one of his goals for Deno was to avoid the need for a package manager. Unlike with runtimes/languages such as Node.js and PHP (which use the npm and composer package managers respectively), there’s no package manager for Deno.

Instead, external packages are imported directly via a URL:

import  Client  from "";

The first time you run your script, Deno will fetch, compile, and cache all the imports so that subsequent starts are lightning fast. Obviously there are times when you may want to force Deno to re-fetch the imports, and you can do this with the cache subcommand:

deno cache --reload my_module.ts

Continue reading
Deno Guide: A Secure JavaScript & TypeScript Runtime
on SitePoint.

Leave a Reply

Your email address will not be published. Required fields are marked *